FKIE_CVE-2025-0144
Vulnerability from fkie_nvd - Published: 2025-01-30 20:15 - Updated: 2025-08-20 12:36
Severity ?
3.1 (Low) - CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:N
6.5 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
6.5 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
Summary
Out-of-bounds write in some Zoom Workplace Apps may allow an authorized user to conduct a loss of integrity via network access.
References
| URL | Tags | ||
|---|---|---|---|
| security@zoom.us | https://www.zoom.com/en/trust/security-bulletin/zsb-25003/ | Vendor Advisory |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:zoom:meeting_software_development_kit:*:*:*:*:*:android:*:*",
"matchCriteriaId": "24C34BE7-5D76-4269-BA59-A3F1D92AB89C",
"versionEndExcluding": "6.2.5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zoom:meeting_software_development_kit:*:*:*:*:*:iphone_os:*:*",
"matchCriteriaId": "0FDB317B-3796-4462-99FE-4F8EA64A2B21",
"versionEndExcluding": "6.2.5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zoom:meeting_software_development_kit:*:*:*:*:*:linux:*:*",
"matchCriteriaId": "3C4F07D8-FB5B-4C94-965B-EA8303E79B0F",
"versionEndExcluding": "6.2.5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zoom:meeting_software_development_kit:*:*:*:*:*:macos:*:*",
"matchCriteriaId": "4B61C9F0-CDD7-4843-A95B-35BB013EA52E",
"versionEndExcluding": "6.2.5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zoom:meeting_software_development_kit:*:*:*:*:*:windows:*:*",
"matchCriteriaId": "A98C293E-D615-4807-B5D6-D3EACF6C2E5A",
"versionEndExcluding": "6.2.5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zoom:rooms:*:*:*:*:*:ipados:*:*",
"matchCriteriaId": "031A7405-7D8F-4C3C-A03C-9DB330BB8D7D",
"versionEndExcluding": "6.2.5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zoom:rooms:*:*:*:*:*:macos:*:*",
"matchCriteriaId": "B74B66FB-1F90-4922-AEE8-85E07FC1D604",
"versionEndExcluding": "6.2.5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zoom:rooms:*:*:*:*:*:windows:*:*",
"matchCriteriaId": "5369DF52-B7F8-45BF-B431-747DFA54CF1E",
"versionEndExcluding": "6.2.5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zoom:rooms_controller:*:*:*:*:*:android:*:*",
"matchCriteriaId": "758E029E-C3E3-4F81-B916-63EEF2B52100",
"versionEndExcluding": "6.2.5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zoom:rooms_controller:*:*:*:*:*:linux:*:*",
"matchCriteriaId": "80F51FE1-8F38-4623-90C0-1A5A3F674102",
"versionEndExcluding": "6.2.5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zoom:rooms_controller:*:*:*:*:*:macos:*:*",
"matchCriteriaId": "89C3A3DC-84C0-467C-8F34-C63A497773B3",
"versionEndExcluding": "6.2.5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zoom:rooms_controller:*:*:*:*:*:windows:*:*",
"matchCriteriaId": "F57C8F45-FAE2-486D-83F4-0E938B62CBDB",
"versionEndExcluding": "6.2.5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zoom:video_software_development_kit:*:*:*:*:*:android:*:*",
"matchCriteriaId": "7CC34BFF-968F-4084-B381-D537295DD43B",
"versionEndExcluding": "6.2.5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zoom:video_software_development_kit:*:*:*:*:*:iphone_os:*:*",
"matchCriteriaId": "0BD54A14-0E43-45C7-9A06-F566A01A88B5",
"versionEndExcluding": "6.2.5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zoom:video_software_development_kit:*:*:*:*:*:linux:*:*",
"matchCriteriaId": "6B97E992-19EB-4B47-A046-1C656E26349F",
"versionEndExcluding": "6.2.5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zoom:video_software_development_kit:*:*:*:*:*:macos:*:*",
"matchCriteriaId": "697C24CB-BEF7-4305-A255-2E552F7D9012",
"versionEndExcluding": "6.2.5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zoom:video_software_development_kit:*:*:*:*:*:windows:*:*",
"matchCriteriaId": "1126B8E5-38A9-4E00-9103-6C4EFDE6D60C",
"versionEndExcluding": "6.2.5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zoom:workplace:*:*:*:*:*:android:*:*",
"matchCriteriaId": "9C0D8576-B9C5-4597-B41C-33369B3B574D",
"versionEndExcluding": "6.2.5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zoom:workplace:*:*:*:*:*:iphone_os:*:*",
"matchCriteriaId": "DBBD2007-4200-485E-A7E4-88125182125F",
"versionEndExcluding": "6.2.5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zoom:workplace_desktop:*:*:*:*:*:linux:*:*",
"matchCriteriaId": "5ECF5B7E-9FEC-44AC-B122-E626F29A136D",
"versionEndExcluding": "6.2.5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zoom:workplace_desktop:*:*:*:*:*:macos:*:*",
"matchCriteriaId": "0E8C5ED8-5948-418B-B4E7-6D831368AF05",
"versionEndExcluding": "6.2.5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zoom:workplace_desktop:*:*:*:*:*:windows:*:*",
"matchCriteriaId": "6FC0F189-0F60-4EAB-9C35-0A62F06BFAC4",
"versionEndExcluding": "6.2.5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zoom:workplace_virtual_desktop_infrastructure:*:*:*:*:*:windows:*:*",
"matchCriteriaId": "645FDC99-C05E-4819-AA55-F9A80A98F567",
"versionEndExcluding": "6.0.15",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zoom:workplace_virtual_desktop_infrastructure:*:*:*:*:*:windows:*:*",
"matchCriteriaId": "9E06D46C-AE61-4533-A8F7-6E6CA9830155",
"versionEndExcluding": "6.1.13",
"versionStartIncluding": "6.0.16",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Out-of-bounds write in some Zoom Workplace Apps may allow an authorized user to conduct a loss of integrity via network access."
},
{
"lang": "es",
"value": "Fuera de los l\u00edmites la escritura en algunas aplicaciones de Zoom Workplace puede permitir que un usuario autorizado realice una p\u00e9rdida de integridad a trav\u00e9s del acceso a la red."
}
],
"id": "CVE-2025-0144",
"lastModified": "2025-08-20T12:36:29.310",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 3.1,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"exploitabilityScore": 1.6,
"impactScore": 1.4,
"source": "security@zoom.us",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2025-01-30T20:15:34.210",
"references": [
{
"source": "security@zoom.us",
"tags": [
"Vendor Advisory"
],
"url": "https://www.zoom.com/en/trust/security-bulletin/zsb-25003/"
}
],
"sourceIdentifier": "security@zoom.us",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-787"
}
],
"source": "security@zoom.us",
"type": "Secondary"
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…